IET Information Security: latest publications

Improvement of the Minimal-Guess-Basis MILP Model and Its Application to ESF
IF 2.6 | Zone 4, Computer Science | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-06 | DOI: 10.1049/ise2/9915144
Lingchen Li, Zhi Qiao, Yiming Dai, Yongzhuang Wei, Tao Ye

The guess-and-determine technique finds wide applications in the recovery of unknown variables within a given system of relations. The fundamental concept behind this technique involves guessing certain unknown variables and deducing the remaining ones based on the relational system. In the context of symmetric cryptography analysis, the guess-and-determine technique is employed to deduce partial subkey information to recover the master key. The set of variables that need to be guessed is called the guess basis. The crux of the guess-and-determine technique lies in identifying the minimal guess basis. By introducing new equal relations and initial constraints, this paper enhances the minimal guess basis mixed integer linear programming (MILP) model. The new model offers a more comprehensive depiction of the key schedule, thereby enabling a more accurate and efficient derivation of the minimal guess basis. The novel model is applied to the eight-sided fortress (ESF) block cipher algorithm. By extending forward by three rounds and backward by three rounds based on a nine-round impossible differential distinguisher, a 15-round impossible differential attack is conducted. Utilizing the new model, the minimal guess basis required for key recovery is determined to be 54 bits. This represents a significant improvement compared to the existing result of 58 bits. The results indicate that for a 15-round impossible differential attack on the ESF algorithm, the data complexity is 2^31.18 CP, the time complexity involves 2^61.67 iterations of 15-round encryption, and the memory complexity is 2^66.18 bytes. Furthermore, this paper introduces, for the first time, a principle for designing key scheduling algorithms based on the guessing basis. This principle is applied to the ESF algorithm, where the minimal guess basis is employed to determine the positions of S-boxes and the parameters for cyclic shifts within the key scheduling algorithm. Without altering the consumption of software or hardware resources, a global optimal search is conducted among various key scheduling candidate approaches. By employing an equivalence class partitioning approach derived from 2108 instances of nine-round impossible differential distinguishers, the search space is reduced. Eventually, a selection process identifies a set of eight novel key schedule algorithms that achieve the maximum value of 77 bits for the minimal guess basis. These new key scheduling algorithms exhibit enhanced resistance against impossible differential attacks.

Full text (PDF): https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/9915144
Citations: 0
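The guess-and-determine idea described in the abstract above (guess a subset of variables, propagate the relations, and look for the smallest subset that determines everything) in working form. This is an added example, not code from the paper: the relation system is a constructed toy resembling a key schedule, not ESF's actual schedule, and the minimal basis is found by brute-force enumeration of subsets rather than by the authors' MILP model.

```python
"""Minimal guess basis of a toy relational system by exhaustive search.

Each relation is an implication: when every variable in `premise` is known,
`conclusion` can be computed from it. A guess basis is a set of guessed
variables whose closure under the relations covers every variable; the
attacker wants the smallest one, because the attack cost grows as
2^(number of guessed bits). The relations below are constructed for
illustration and are not ESF's key schedule.
"""
from itertools import combinations


def xor_relation(a, b, c):
    """a ^ b = c is invertible: knowing any two of the three yields the third."""
    return [(frozenset({a, b}), c), (frozenset({a, c}), b), (frozenset({b, c}), a)]


# Constructed toy "key schedule" on eight one-bit variables k0..k7.
RELATIONS = (
    xor_relation("k0", "k1", "k4")        # k4 = k0 ^ k1
    + xor_relation("k1", "k2", "k5")      # k5 = k1 ^ k2
    + xor_relation("k2", "k3", "k6")      # k6 = k2 ^ k3
    + [(frozenset({"k4", "k5"}), "k7")]   # k7 = f(k4, k5): a nonlinear S-box-like output,
                                          # only computable forward (no inverse implications)
)


def determine(guessed, relations):
    """Close the guessed set under the relations until nothing new is derivable."""
    known = set(guessed)
    changed = True
    while changed:
        changed = False
        for premise, conclusion in relations:
            if conclusion not in known and premise <= known:
                known.add(conclusion)
                changed = True
    return known


def all_variables(relations):
    variables = set()
    for premise, conclusion in relations:
        variables |= premise
        variables.add(conclusion)
    return variables


def all_minimal_bases(relations):
    """Every guess basis of minimum size. Exponential in the variable count, so
    this is for toy systems only; an MILP model is the way to do it for a real
    key schedule."""
    variables = sorted(all_variables(relations))
    for size in range(len(variables) + 1):
        found = [set(g) for g in combinations(variables, size)
                 if determine(g, relations) == set(variables)]
        if found:
            return found
    return []


def minimal_guess_basis(relations):
    """One minimal guess basis (first in lexicographic order) and its cost in bits."""
    bases = all_minimal_bases(relations)
    return bases[0], len(bases[0])


if __name__ == "__main__":
    basis, bits = minimal_guess_basis(RELATIONS)
    print(f"minimal guess basis: {sorted(basis)} ({bits} bits)")
    print(f"{len(all_minimal_bases(RELATIONS))} bases of that size")
```

In the toy system the three XOR relations leave four degrees of freedom and k7 carries no information back to its inputs, so no three guessed variables suffice and the minimum is 4 bits. The list of all minimal bases is what a designer would look at when rearranging a schedule to make the minimum larger, which is the direction the abstract's design principle takes.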
(Not Surprising) Attacks on Recent Pairing-Free Attribute-Based Encryption Schemes
IF 2.6 | Zone 4, Computer Science | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-06 | DOI: 10.1049/ise2/6991392
Javier Herranz

The fact that designing secure and efficient identity or attribute-based encryption (ABE) schemes requires the use of specific algebraic tools like bilinear pairings or lattices is well known in the cryptographic community. However, some journals whose main topics are not cryptographic still publish papers proposing, for instance, ABE schemes in settings like the (pairing-free) discrete logarithm one. The goal of this submission is to emphasize, once again, the statements in the two previous paragraphs. As an illustration, we describe attacks on five insecure schemes that have recently been published in (prestigious) journals.

Full text (PDF): https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6991392
Citations: 0
Revisiting the Security of the Lightweight Stream Cipher Draco: New Observation and TMDTO Attacks
IF 2.6 | Zone 4, Computer Science | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-05 | DOI: 10.1049/ise2/9996242
Ziyu Guan, Lin Ding, Zhengting Li, Xinhai Wang, Jie Guan

Draco is a lightweight small-state stream cipher proposed in 2022. It is designed to provide a 128-bit security level and be provably secure against time-memory-data trade-off (TMDTO) attacks. In this paper, we revisit the security of Draco against TMDTO attacks. Based on a new observation that for certain chosen initialization vectors (IVs) the state update function of Draco depends on only a small fraction of the nonvolatile internal state, a new TMDTO attack on Draco with a time complexity of 2^109.2 Draco iterations, a memory complexity of 2^109.6 bits and a data complexity of 2^64 bits is proposed. The attack is 2^5 times better in the time/memory complexity with the same data complexity compared with the existing TMDTO attack. Furthermore, the security level that Draco can theoretically provide against TMDTO attacks is analyzed. As a result, another TMDTO attack on Draco with complexities all below 2^87 is proposed. The cryptanalytic result shows that the Draco stream cipher can only offer an 87-bit security level against TMDTO attacks if the limitation on keystream length is not considered. Our results indicate that the question of how to design a secure small-state stream cipher still needs further exploration.

Full text (PDF): https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/9996242
Citations: 0
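A time-memory-data trade-off of the Babbage–Golić type against a constructed 20-bit small-state stream cipher, added here to illustrate the attack class the abstract above discusses. This is not the Draco attack or the authors' code: the cipher (an LFSR with connection polynomial x^20 + x^3 + 1 and a small nonlinear output filter), the parameters M = D = 2^12, and the secret state are all constructed for the example. The property the attack uses is the one every such cipher has: each keystream position is a deterministic function of the current internal state, so with a state space of N = 2^20 a table of M states and D observed keystream bits collide once M·D approaches N.

```python
"""Babbage-Golic time-memory-data trade-off against a toy small-state stream cipher.

Offline: pick M random states and index each by the first PREFIX keystream
bits it produces. Online: slide a PREFIX-bit window over D captured keystream
bits and look each window up. A hit gives the internal state at that offset;
because the LFSR update is invertible, the state can then be clocked back to
position 0, which is full recovery of the secret state. Cost is about M + D
cipher evaluations with M * D ~= N, far below the 2^20 brute-force bound.
The cipher and all parameters are constructed for this example.
"""
import random

STATE_BITS = 20
N_STATES = 1 << STATE_BITS
PREFIX = STATE_BITS   # bits per table entry; >= state size so prefixes are nearly unique
VERIFY = 64           # extra bits compared to reject accidental prefix collisions


def clock(state):
    """One cipher step: returns (output_bit, next_state).
    Fibonacci LFSR with connection polynomial x^20 + x^3 + 1 (bit 0 is the oldest
    bit, feedback = bit0 ^ bit3) filtered by a small nonlinear Boolean function."""
    b = lambda i: (state >> i) & 1
    out = b(0) ^ (b(5) & b(11)) ^ b(17)
    feedback = b(0) ^ b(3)
    return out, (state >> 1) | (feedback << (STATE_BITS - 1))


def clock_back(state):
    """Inverse of the state update in `clock` (the filter output is not needed)."""
    old_bit0 = ((state >> (STATE_BITS - 1)) & 1) ^ ((state >> 2) & 1)
    return ((state & ((1 << (STATE_BITS - 1)) - 1)) << 1) | old_bit0


def keystream(state, n):
    """n keystream bits generated from `state`, as a list of 0/1 ints."""
    bits = []
    for _ in range(n):
        out, state = clock(state)
        bits.append(out)
    return bits


def bits_to_int(bits):
    value = 0
    for bit in bits:
        value = (value << 1) | bit
    return value


def build_table(m, rng):
    """Offline phase: M random states indexed by their PREFIX-bit keystream."""
    table = {}
    for _ in range(m):
        s = rng.randrange(1, N_STATES)  # the all-zero LFSR state is degenerate
        table.setdefault(bits_to_int(keystream(s, PREFIX)), []).append(s)
    return table


def tmdto_attack(captured, table):
    """Online phase. Returns (offset, state) for the first verified hit, else None."""
    last = len(captured) - PREFIX - VERIFY
    for offset in range(last + 1):
        key = bits_to_int(captured[offset:offset + PREFIX])
        for cand in table.get(key, ()):
            if keystream(cand, PREFIX + VERIFY) == captured[offset:offset + PREFIX + VERIFY]:
                return offset, cand
    return None


def recover_initial_state(captured, table):
    """Find any state on the keystream trajectory, then clock it back to position 0."""
    hit = tmdto_attack(captured, table)
    if hit is None:
        return None
    offset, state = hit
    for _ in range(offset):
        state = clock_back(state)
    return state


def demo(seed=1, m=1 << 12, d=1 << 12):
    """Constructed scenario: the attacker sees d keystream bits and has an m-entry table.
    Returns (secret_state, recovered_state)."""
    rng = random.Random(seed)
    secret = rng.randrange(1, N_STATES)
    captured = keystream(secret, d)
    table = build_table(m, rng)  # m * d = 2^24 >> N = 2^20, so a hit is expected
    return secret, recover_initial_state(captured, table)


if __name__ == "__main__":
    secret, recovered = demo()
    print("no hit" if recovered is None else f"secret={secret:#x} recovered={recovered:#x}")
```

The seeded run recovers the full secret from 4096 keystream bits with a 4096-entry table, roughly 2^13 cipher evaluations against a 2^20 state space. The abstract's 87-bit figure for Draco is stated for the case where the design's limit on keystream length is not considered; that limit caps D, which is the lever this generic attack depends on, and the chosen-IV observation in the paper shrinks the portion of the state that has to be matched.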
Improved FHE Bootstrapping and Its Applications in Discretized Neural Networks
IF 2.6 | Zone 4, Computer Science | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-23 | DOI: 10.1049/ise2/7097351
Kaixing Wang, Binwu Xiang, Jiang Zhang, Yi Deng, Dengguo Feng

The inefficiency of bootstrapping is the primary bottleneck preventing fully homomorphic encryption (FHE) from practical applications. One of the main obstacles to improving the bootstrapping performance using hardware acceleration is the large storage overhead of the bootstrapping keys. To the best of our knowledge, a recent TFHE-like FHE scheme proposed by Xiang and colleagues in 2023 has the smallest bootstrapping key size, which is about 70 MB for the 128-bit security parameter (including 60 MB for the key-switching keys and about 10 MB for the blind rotation keys). In this paper, we further improved the bootstrapping algorithm of Xiang et al. with a 30x reduction in key size and a 1.2x speedup. In particular, our new algorithm only requires less than 3 MB of bootstrapping keys and can be completed in merely 3 ms at 128-bit security. Technically, we rearranged the main process of the TFHE-like bootstrapping algorithm which allows us to greatly reduce the size of the key-switching keys from previous to bits, where n is the dimension of the lattice. We also improved the computation of the automorphisms by using a single generator, which allows us to reduce the blind rotation key size from previous to bits, where q is the modulus of the ciphertext. Finally, we apply our new FHE scheme to discretized neural networks (DiNNs). Experimental results show that compared to a previous FHE-friendly DiNN approach by Bourse and colleagues in 2018 at the same security and accuracy, our approach achieves a 36x reduction in memory and an 8x speedup in time.

Full text (PDF): https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/7097351
Citations: 0
Hybrid CNN-LSTM Anomaly Detection in IoT Traffic Using the Hurst Self-Similarity Parameter Under Gaussian Noise
IF 2.6 | Zone 4, Computer Science | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-22 | DOI: 10.1049/ise2/6864273
Roya Morshedi, S. Mojtaba Matinkhah, Mohammad Taghi Sadeghi

The rapid growth of Internet of Things (IoT) devices has posed significant security challenges, particularly in detecting anomalies and malicious behaviors in network traffic. This study presents an innovative intrusion detection system (IDS) framework that combines Gaussian noise injection and Hurst parameter calculation with a hybrid convolutional neural network-long short-term memory (CNN-LSTM) model for anomaly detection in IoT traffic. The proposed approach is evaluated using the CIC-IDS2017 dataset, a comprehensive source representing network attacks. During the preprocessing stage, noise is added to simulate real-world network fluctuations, and Hurst parameter values are calculated to measure the long-term memory of traffic patterns. Principal component analysis (PCA) is also employed to reduce data dimensionality while preserving critical features, including the Hurst parameter. The CNN-LSTM model, optimized with the Adam optimizer, effectively learns the spatiotemporal features of network traffic and demonstrates high accuracy in classifying benign and attack samples. Experimental results reveal that the model achieves an accuracy and detection rate of 99.69%, even in the presence of noise. Incorporating the Hurst parameter as a distinguishing feature enhances the detection of subtle anomalies that traditional IDS methods may overlook. The anomaly detection mechanism analyzes traffic patterns using an error threshold and flags deviations as potential security threats. The proposed IDS framework effectively distinguishes between normal and malicious traffic, balancing the detection of both rare and common attacks. The findings underscore the importance of integrating statistical metrics, such as the Hurst parameter, with deep learning models to enhance the robustness and reliability of IoT security systems. This hybrid approach addresses the dynamic and evolving nature of IoT networks, offering a scalable and efficient solution for real-time anomaly detection. The proposed method marks a promising advancement in securing IoT ecosystems against evolving cyberthreats.

Full text (PDF): https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6864273
Citations: 0
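The Hurst parameter the abstract above uses as a feature, computed by rescaled-range (R/S) analysis over constructed traffic series with optional Gaussian noise injection. This is an added example, not the authors' pipeline: the two series (a white-noise rate and a random-walk rate standing in for packets-per-interval counts), the window sizes, and the noise level are assumptions chosen for illustration, and the CNN-LSTM classifier and PCA stage are not reproduced.

```python
"""Hurst exponent by rescaled-range (R/S) analysis, with Gaussian noise injection.

For a window of n samples, R is the range of the mean-adjusted cumulative sum
and S the window's standard deviation. Averaging R/S over all windows of size
n and fitting log(R/S) against log(n) gives a slope H: about 0.5 for
memoryless (white-noise) traffic, and approaching 1 for strongly persistent,
self-similar traffic. The series below are constructed, not captured data.
"""
import math
import random


def rescaled_range(window):
    """R/S statistic of a single window (0.0 if the window is constant)."""
    n = len(window)
    mean = sum(window) / n
    deviations = [x - mean for x in window]
    cumulative, running = [], 0.0
    for d in deviations:
        running += d
        cumulative.append(running)
    r = max(cumulative) - min(cumulative)
    s = math.sqrt(sum(d * d for d in deviations) / n)
    return r / s if s > 0 else 0.0


def hurst_rs(series, window_sizes=(16, 32, 64, 128, 256, 512)):
    """Least-squares slope of log(mean R/S) versus log(n) over the window sizes."""
    xs, ys = [], []
    for n in window_sizes:
        chunks = [series[i:i + n] for i in range(0, len(series) - n + 1, n)]
        values = [v for v in (rescaled_range(c) for c in chunks) if v > 0]
        if not values:
            continue
        xs.append(math.log(n))
        ys.append(math.log(sum(values) / len(values)))
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    sxx = sum((x - mx) ** 2 for x in xs)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    return sxy / sxx


def add_gaussian_noise(series, sigma, rng):
    """Noise injection as used in preprocessing: simulate measurement jitter."""
    return [x + rng.gauss(0.0, sigma) for x in series]


def constructed_series(length=4096, seed=7, noise_sigma=0.0):
    """Two constructed 'packets per interval' series, optionally with noise:
    white noise around a mean rate (no memory) and a random walk (persistent)."""
    rng = random.Random(seed)
    white = [rng.gauss(100.0, 10.0) for _ in range(length)]
    walk, level = [], 100.0
    for _ in range(length):
        level += rng.gauss(0.0, 1.0)
        walk.append(level)
    if noise_sigma > 0:
        noise_rng = random.Random(seed + 1)
        white = add_gaussian_noise(white, noise_sigma, noise_rng)
        walk = add_gaussian_noise(walk, noise_sigma, noise_rng)
    return white, walk


if __name__ == "__main__":
    white, walk = constructed_series()
    print(f"H(white noise) = {hurst_rs(white):.2f}")
    print(f"H(random walk) = {hurst_rs(walk):.2f}")
    _, noisy_walk = constructed_series(noise_sigma=2.0)
    print(f"H(random walk + noise) = {hurst_rs(noisy_walk):.2f}")
```

The gap between the two estimates is what makes H a usable feature: a burst of scanning or flooding traffic changes the long-range correlation structure of per-interval counts, not only their level, and an error threshold on a model that sees H can catch that even when the counts themselves stay within normal bounds. R/S is biased upward for short windows, so in practice the minimum window size and the number of windows per flow should be fixed and applied identically to training and inference data.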
Design of Linkable Ring Signature Scheme Based on the MP-LWE Problem and Its Application in IoV
IF 2.6 | Zone 4, Computer Science | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-22 | DOI: 10.1049/ise2/6682936
Lansheng Han, Wei Liao, Peng Chen

Ensuring the information security and privacy of users in the Internet of Vehicles (IoV) is crucial for gaining user trust and promoting the application of vehicular networks. This article designs an efficient linkable ring signature (LRS) scheme on the basis of the middle-product learning with errors (MP-LWE) problem and applies it to vehicular networks to resist quantum computer attacks. First, a new authentication scheme based on the MP-LWE problem is proposed. In addition, it is demonstrated to be compatible with the DualRing framework. Then, according to the transformation of DualRing, a new efficient ring signature scheme based on the MP-LWE problem is obtained. With anti-collision hash functions to assign a specific tag to each user, this ring signature scheme is converted into a secure LRS scheme. Subsequently, under the random oracle model, the unforgeability, anonymity, and linkability of the LRS scheme are shown. Furthermore, by integrating the scheme constructed in this article with blockchain technology and applying it to IoV scenarios, it effectively ensures the privacy of vehicle identities during communication and the reliability of messages and significantly improves communication efficiency. The signature length of the LRS scheme designed in the present study is 4–20 times shorter than that of similar schemes. Regarding time overhead, the total time overhead of our scheme can be reduced by 14.72%–40.38%.

Full text (PDF): https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6682936
Citations: 0
PathFuzzer: Sensitive Information Flow Path-Guided Fuzzing for Intent Vulnerabilities in Android Applications
IF 2.6 | Zone 4, Computer Science | Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-05 | DOI: 10.1049/ise2/5001786
Zhanhui Yuan, Zhi Yang, Shuyuan Jin, Jinglei Tan, Hongqi Zhang

Intent vulnerabilities pose a significant threat as they allow attackers to exploit unverified intent messages, leading to sensitive data leaks, privilege escalations, or unauthorized actions that compromise user privacy and system security. Fuzzing methods, as traditional Intent vulnerability detection methods, are guided by the edge coverage of the program's directed graph and do not focus on sensitive information, resulting in a lack of ability to discover vulnerabilities related to sensitive information, especially long-path vulnerabilities. This article proposes PathFuzzer, which is an intent-sensitive information flow path-guided fuzzing method designed to efficiently detect intent vulnerabilities in Android applications. It leverages intent-sensitive information flow paths to guide fuzzing by sending test cases along these paths and mutating test cases based on the parameters within the paths. Additionally, PathFuzzer utilizes unique long path encoding and key node identification technology to enable test cases to efficiently test along sensitive information flow paths, while monitoring the test status to form a feedback mechanism for long paths. The evaluation results show that PathFuzzer successfully detected 131 intent vulnerabilities across 500 popular applications from Google Play. Compared to traditional methods, PathFuzzer achieved a 92% average path coverage rate on sensitive paths while improving detection efficiency by an average of up to 64%. In summary, PathFuzzer provides an efficient, accurate, and comprehensive method for detecting Intent vulnerabilities.

意图漏洞构成了重大威胁,因为它们允许攻击者利用未经验证的意图消息,导致敏感数据泄露、特权升级或未经授权的操作,从而危及用户隐私和系统安全。模糊方法作为传统的意图漏洞检测方法,以程序向图的边缘覆盖为指导,不关注敏感信息,缺乏对敏感信息相关漏洞尤其是长路径漏洞的发现能力。本文提出了PathFuzzer,它是一种意图敏感的信息流路径引导模糊测试方法,旨在有效地检测Android应用程序中的意图漏洞。它利用意图敏感的信息流路径,通过沿着这些路径发送测试用例,并根据路径中的参数改变测试用例,来指导模糊测试。此外,PathFuzzer利用独特的长路径编码和关键节点识别技术,使测试用例能够沿着敏感的信息流路径高效地进行测试,同时监控测试状态,形成长路径反馈机制。评估结果显示,PathFuzzer在b谷歌Play的500个流行应用程序中成功检测到131个意图漏洞。与传统方法相比,PathFuzzer在敏感路径上实现了92%的平均路径覆盖率,同时将检测效率平均提高了64%。总之,PathFuzzer为检测意图漏洞提供了一种高效、准确、全面的方法。
Citations: 0
A Secure Access Framework for IoT–Cloud Integration With Blockchain and Bi-GCN
IF 2.6 Zone 4 Computer Science Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2025-12-04 DOI: 10.1049/ise2/6512865
Kavitha M. S., Gayathri Devi K.

Digital advancements have made cloud computing and IoT essential for innovative environments such as healthcare and industry. Cloud platforms offer scalable compute and storage capabilities, whereas IoT devices generate real-time data. However, there are significant challenges faced while integrating the IoT with cloud to achieve robust, scalable, and secure access control. Traditional centralized models, such as static rule-based mechanisms and public key infrastructure (PKI), are prone to single points of failure and suffer from limited scalability and poor adaptability. To address these issues, this paper proposes a decentralized access control architecture that combines blockchain with a hybrid bidirectional graph convolutional network (Bi-GCN). The framework integrates ciphertext-policy attribute-based encryption (CP-ABE) with trusted platform module (TPM)–based pseudonymous identities and blockchain smart contracts for fine- and hardware-assisted access control. A generative adversarial network (GAN)-assisted prevalidation layer filters Sybil, tampering, and spoofing attempts before block inclusion, enhancing integrity and reducing overhead. Bi-GCN supports real-time anomaly detection, trust adaptation, and behavior profiling, while smart contracts enforce adaptive role-attribute policies. Experimental results show that the proposed model outperforms existing methods across key metrics, including 0.97 accuracy, 0.98 F-measure, and minimal security overhead of 0.7%. Although it introduces slight latency due to advanced processing, the benefits of secure and intelligent access management outweigh the trade-off. The integration of blockchain ensures decentralized and immutable policy enforcement, while Bi-GCN facilitates self-adaptive security, making the architecture suitable for dynamic IoT–cloud ecosystems.

Citations: 0
AEDroid: Adaptive Enhanced Android Malware Detection-Based on Interpretability of Deep Learning
IF 2.6 Zone 4 Computer Science Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2025-11-24 DOI: 10.1049/ise2/5572223
Pengfei Liu, Guangquan Xu, Jian Sun, Wenxia Wang, Jie Chen

As the most widely used operating system in the world, Android has naturally become the main target of malicious hackers. The current research on Android malware detection relies on manually defined sensitive API feature sets. With the continuous innovation and change of malicious behavior, new threats and attack methods have emerged. If we still rely on the original sensitive API set, malicious applications will not be discovered. To address this issue, we do not use the existing sensitive API feature set but instead design a key activation mechanism (KAM) based on convolutional neural networks (CNNs) to obtain sensitive APIs. We use this mechanism to automatically mine API features that play an important role in determining maliciousness from application datasets. We then use the API group (ApiG) obtained through this mechanism for template generalization, and obtain a method called AEDroid that can delay model aging. By analyzing these API features, it was found that they not only cover the existing sensitive API feature types but also include sensitive APIs for seven new types of malicious behavior. The experimental results show that with the addition of the newly discovered sensitive APIs, the Android malware detection rate has increased by more than 5%, especially on newly emerged malicious datasets, where the effect is more pronounced.

Citations: 0
Constructing Efficient Identity-Based Signatures on Lattices
IF 2.6 Zone 4 Computer Science Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date : 2025-11-19 DOI: 10.1049/ise2/6684889
Huiwen Jia, Ying Liu, Chunming Tang, Lin Wang

In this work, we explore the recent developments related to lattice-based signatures and preimage sampling, and specify a compact identity-based signature (IBS) on an ideal lattice for practical use. Specifically, we first propose an ellipsoid version of the G + G signature scheme (Asiacrypt 2023) that achieves slightly better signature size and higher security. Then, by adapting a specific preimage sampling algorithm to the modified G + G signature, we obtain an efficient IBS scheme. In addition, we prove its security in the quantum random oracle model (QROM), following the paradigm introduced by Zhandry (Crypto 2012). Finally, a complete specification of the IBS, featuring three distinct parameter sets, is accompanied by a proof-of-concept implementation. We believe that the combination of preimage sampling with the Fiat–Shamir transformation holds potential for application in other advanced digital signature schemes.

Citations: 0